Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/oAFc1YRfeJfXw9ZaymQZky-kUg4.roa
File: oAFc1YRfeJfXw9ZaymQZky-kUg4.roa (raw, json)
Hash identifier: vylmNrZuSVWMS0FtdWroKfTeK2X2lZp36UYsW4MEU8U=
Subject key identifier: A0:01:5C:D5:84:5F:78:97:D7:C3:D6:5A:CA:64:19:93:2F:A4:52:0E
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01901A48749BCD8888AAA2056B25E140A797
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/oAFc1YRfeJfXw9ZaymQZky-kUg4.roa
Signing time: Sat 15 Jun 2024 05:04:34 +0000
ROA not before: Sat 15 Jun 2024 05:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:190:1a48:1f82/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 15 Jun 2024 05:10:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:1a:48:74:9b:cd:88:88:aa:a2:05:6b:25:e1:40:a7:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 15 05:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0015cd5845f7897d7c3d65aca6419932fa4520e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d0:07:76:86:f4:78:fb:51:fd:67:55:7e:b0:
99:4e:d5:96:62:7b:30:f3:72:03:f8:54:d2:6a:ef:
48:23:e7:57:90:a7:19:1e:c9:8c:95:61:7f:12:9d:
bb:0c:32:19:ed:60:50:da:69:a2:cd:9c:27:a4:b9:
2f:d9:6d:3c:ca:04:c0:c6:d8:a5:8a:4e:7c:66:a5:
3e:65:12:19:29:f3:8c:f6:57:2a:34:84:c8:bd:4a:
52:6e:95:bd:30:b7:f3:b9:51:11:1b:86:28:f0:15:
c1:89:68:89:0e:03:cf:34:40:0e:84:c7:8b:85:52:
53:b1:0e:a8:78:6d:3b:0d:c3:af:20:09:69:8f:c6:
91:bc:ea:8b:70:a7:db:54:63:06:3b:55:b7:d2:72:
e6:66:2b:98:f9:29:6d:0d:f8:85:5b:3e:85:b5:99:
93:0c:fe:0f:fa:da:05:c2:e1:d4:b4:bb:ac:c4:96:
91:68:c5:be:8f:97:d4:8b:1d:db:c7:36:12:c8:1b:
6d:70:6c:79:85:3d:dc:68:9a:05:41:57:93:b8:5f:
91:23:3c:70:0f:30:0d:55:19:89:44:d4:9e:c4:4c:
fd:92:b6:32:6c:07:f6:86:90:44:9c:fe:7b:d0:f2:
00:03:68:52:c0:f3:57:3d:ee:fc:29:17:b2:7e:bf:
a6:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:01:5C:D5:84:5F:78:97:D7:C3:D6:5A:CA:64:19:93:2F:A4:52:0E
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/oAFc1YRfeJfXw9ZaymQZky-kUg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
52:c1:35:a7:6d:8d:4e:e2:d5:10:f6:19:e9:40:af:e1:42:7b:
14:7a:c7:0a:11:15:0d:ad:e0:da:cc:95:8e:2e:fc:4c:c8:d8:
b0:73:68:27:f1:b6:d0:0a:86:26:c7:80:8d:a9:cf:ca:bc:97:
56:c2:43:fd:8b:e0:38:45:0d:22:21:d3:5c:d6:96:5d:f6:33:
f4:65:a0:60:43:21:c0:42:80:05:f7:f8:51:5a:78:de:85:49:
2a:dd:12:97:06:67:fc:dc:75:fc:5d:de:ef:7a:31:00:b5:27:
aa:30:77:28:a3:ec:d7:ff:2d:6d:35:02:e3:38:91:48:d1:12:
39:7d:43:9c:a3:12:34:22:f4:c4:6a:5f:d5:33:8a:de:a3:4a:
1d:cf:e4:1f:bd:c2:3b:f5:2b:9e:3a:b1:d0:8a:9d:7a:ed:05:
01:88:4b:80:f3:9f:74:fe:c2:1b:07:dc:8c:4a:62:4a:53:23:
b5:3e:52:67:43:c9:01:a8:a0:f7:e9:98:6b:4d:fa:fd:c4:f2:
bd:bd:8e:c2:01:c4:b7:70:f4:3c:57:90:cf:0c:dc:de:18:23:
de:18:18:57:18:7a:de:39:b2:6a:7d:ca:28:11:92:fc:75:c5:
1c:8f:56:c1:b0:93:51:f1:5d:de:e6:c0:c8:99:47:f5:9a:f8:
ea:99:d5:f2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAaSHSbzYiIqqIFayXhQKeXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE1MDUwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDAxNWNkNTg0NWY3ODk3ZDdjM2Q2NWFjYTY0MTk5MzJmYTQ1MjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytAHdob0ePtR/WdVfrCZTtWWYnsw
83ID+FTSau9II+dXkKcZHsmMlWF/Ep27DDIZ7WBQ2mmizZwnpLkv2W08ygTAxtil
ik58ZqU+ZRIZKfOM9lcqNITIvUpSbpW9MLfzuVERG4Yo8BXBiWiJDgPPNEAOhMeL
hVJTsQ6oeG07DcOvIAlpj8aRvOqLcKfbVGMGO1W30nLmZiuY+SltDfiFWz6FtZmT
DP4P+toFwuHUtLusxJaRaMW+j5fUix3bxzYSyBttcGx5hT3caJoFQVeTuF+RIzxw
DzANVRmJRNSexEz9krYybAf2hpBEnP570PIAA2hSwPNXPe78KReyfr+mRwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKABXNWEX3iX18PWWspkGZMvpFIOMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvb0FGYzFZUmZlSmZYdzlaYXltUVpreS1rVWc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFLBNadtjU7i1RD2GelA
r+FCexR6xwoRFQ2t4NrMlY4u/EzI2LBzaCfxttAKhibHgI2pz8q8l1bCQ/2L4DhF
DSIh01zWll32M/RloGBDIcBCgAX3+FFaeN6FSSrdEpcGZ/zcdfxd3u96MQC1J6ow
dyij7Nf/LW01AuM4kUjREjl9Q5yjEjQi9MRqX9Uzit6jSh3P5B+9wjv1K546sdCK
nXrtBQGIS4Dzn3T+whsH3IxKYkpTI7U+UmdDyQGooPfpmGtN+v3E8r29jsIBxLdw
9DxXkM8M3N4YI94YGFcYet45smp9yigRkvx1xRyPVsGwk1HxXd7mwMiZR/Wa+OqZ
1fI=
-----END CERTIFICATE-----
Generated at Sat Jun 15 06:11:30 2024 by rpki-client on console-fra.rpki-client.org